Skip to content
/ python-sbom-test Public

Python script to query SBOM Test API and keep track of changes in vulnerabilities

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

snyk-labs/python-sbom-test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.vscode
.vscode
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Overview

This repository may be used as a starting point for Python applications using Poetry for using Snyk SBOM test and to get a simple diff between scans.

Setup

Need to have the following environment variables set: SNYK_TOKEN and SNYK_ORG_ID

Running

To run, install the dependencies using poetry install, and execute poetry run python src/main.py

Alternatively, use the provided launch.json to specify the command to run and execute in VS Code.

Usage

In this example, we assume you already have a SBOM file with the components that is named orig-sbom1.json

  1. Generate a new SBOM with all the vulnerabilities information:

poetry run python src/main.py ./orig-sbom1.json orig-sbom1-vulns.json

  1. Pull down the newest vulnerabilities in a new JSON file and compare with the previous vulnerabilities JSON (from the command above). The diff is given in the terminal output:

poetry run python src/main.py ./orig-sbom1.json new-sbom1-vulns.json orig-sbom1-vulns.json

About

Python script to query SBOM Test API and keep track of changes in vulnerabilities

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages